Total vulnerabilities in the database
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.4, CSRF tokens can be reused by a malicious user, as on Windows servers no cleanup is done on CSRF tokens. This issue is fixed in versions 2.7.4 and 3.0.0.
Software | From | Fixed in |
---|---|---|
combodo / itop | 3.0.0-alpha | 3.0.0-alpha.x |
combodo / itop | - | 2.7.4 |
combodo / itop | 3.0.0-beta | 3.0.0-beta.x |
combodo / itop | 3.0.0-beta2 | 3.0.0-beta2.x |